Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Five Things to Know About Third Party Risk

It's no longer enough to simply ensure that your organization's systems and enterprise web presence are secure. Your risk management program needs to look beyond the perimeter of your organization to properly vet the third and fourth-party vendors who will have access to your data without being subject to your internal risk management process. The use of third parties in your supply chain or for data handling create potential risks that can be compounded by these third-party weaknesses.

What is CCPA Data Minimization?

With enhanced information security becoming increasingly more urgent, privacy protection efforts are ramping up for many industries. One of the more recent measures to address data privacy has come from the latest California Consumer Privacy Act (CCPA) Proposition 24, also known as the California Privacy Rights Act of 2020 (CPRA).

What Is the Threshold Application of the CCPA?

When the California Consumer Privacy Act took effect on Jan. 1, 2020, many businesses scrambled to determine whether the law applied to them. The CCPA is the most stringent privacy law enacted in the United States, and for various reasons, its reach can extend well beyond the state’s borders. The objective of the CCPA is to give consumers certain rights to protect their personal data that companies might collect, store, and process for commercial purposes.

ZenGRC Demonstrates Industry Leadership with 15 Consecutive Quarters of Recognition on G2 Winter 2020 Grid Report for GRC Platforms

SAN FRANCISCO – December 16, 2020 – Reciprocity, the company behind ZenGRC, the industry-leading information security risk and compliance solution, today announced ZenGRC has earned two badges on the G2 Winter 2020 Grid Report. This marks the 15th consecutive quarter ZenGRC has been recognized by G2 in its quarterly report. G2 is a peer-to-peer business solutions review website, leveraging customer feedback to rank the best business software and services.

Featured Post

Create your Business Data Retention Policy

With the growing amount of data collected by various industries and organizations, it makes sense for business owners to want to create and enforce a robust data retention policy. Data retention policy allows organizations to manage the way they handle personal information. This includes tracking how long a set of data must be kept and how to delete the data when it's no longer needed.

How to Perform an IT Cyber Security Risk Assessment: Step-by-Step Guide

A cyber security risk assessment is about understanding, managing, controlling and mitigating cyber risk across your organization. It is a crucial part of any organization's risk management strategy and data protection efforts. Risk assessments are nothing new and whether you like it or not, if you work in information security, you are in the risk management business.

How to Prioritise Cybersecurity Budgets in 2022

As we approach the new year, many organisations will be working out how to prioritize cybersecurity budgets in 2022. However, with the threat landscape evolving so quickly, what may have offered sufficient protection last year, might no longer be viable. This means security leaders will need to complete an evaluation of their organisation’s security posture.

What is Third-Party Risk Management?

Creating and maintaining relationships with third parties brings about multiple risks. Whether your organization is large or small, it’s almost certain that you have business relationships with many third parties for specific types of operations. When operational data and confidential information are exchanged with third parties, that data and information are vulnerable to misuse and exploitation. This is where risk comes into the equation.

Featured Post

How to Handle a Data Breach Within Your Company

Prevention, they say, is better than cure. Most companies have put in place stringent data security measures to prevent any kind of breach. However, following recent security breaches of tech-savvy giants like Twitter, Target, and Gmail, it's clear that no company is 100% immune to a breach. Therefore, businesses must draw an action plan for handling a data breach should the security and prevention measures fail. Here's a comprehensive data breach response guide every company should implement when the situation calls for it.

Automotive threat analysis and risk assessment method

The TARA method provides risk evaluation, assessment, treatment, and planning for identified risks. Learn how to apply this method to the ISO SAE 21434 standard. In our earlier blog posts we covered the ISO SAE 21434 standard, including the organizational cyber security plan as well as the cyber security assurance levels in depth. We will now look at the impact calculation and detailed threat analysis and risk assessment (TARA) coverage within this new standard.